Presentations
Securing web applications against OWASP Top 10 threats doesn’t always require modifying the source code. This session demonstrates how AWS-native services can help prevent exploitation of vulnerabilities like Injection, Broken Access Control, Cryptographic Failures, and Server-Side Request Forgery. Learn to apply multi-layered defenses, automate compliance, tighten the attack surface, and reduce potential attack vectors. This talk, designed for those with solid AppSec and AWS knowledge, will address how these strategies align with security frameworks and cloud-native best practices.
Organizations rely on open-source software to accelerate development and reduce costs. However, the health of the communities behind these projects is often overlooked, posing significant risks to the overall supply chain. This talk introduces a risk model implemented in the open source GrimoireLab tool to analyze open source software dependencies at scale.
Data scientists often face complex challenges when setting up their development environments, from managing dependencies to ensuring GPU compatibility for high-performance workloads. Canonical’s Data Science Stack (DSS) removes these hurdles, providing a seamless, ready-to-use environment tailored for Ubuntu.
Strong passwords are essential to keeping personal information safe, especially online. Studies show that weak passwords contribute to around 80% of data breaches, meaning most security issues are due to easy-to-guess passwords. Using simple or common passwords like "123456" or "password" makes it much easier for hackers to break into accounts. A strong password, ideally a mix of letters, numbers, and symbols, can prevent most of these problems. Fun fact: a password with 12 random characters would take millions of years for a hacker to guess!
Dive into the world of Kubernetes and discover the path to becoming a Kubestronaut. This workshop covers the journey from beginner to expert, including exam prep strategies and setting up a local environment for hands-on practice. Learn how to overcome common challenges and stay motivated on your way to achieving Kubestronaut status.
Wait, so you're saying adding more GPUs to a problem won't automatically speed things up? In this talk, I will present how enterprise datacenters, HPC shops, and home lab workflows can benefit from using multi GPU computing. Examples from computational fluid dynamics and AI/ML will highlight how leveraging multiple GPUs can reduce time to solution, and improve scalability for large, multidimensional domains. Attendees will gain insights into science's interest in GPU computing, problem decomposition, scaling to multiple GPUs, and code optimization with multiple GPUs in mind.
Source available software is thriving; more than ever, the entire world runs on OSS. We won, right?
Despite the success, maintainer burnout is worse than ever, support is low, and funding has dried up at an alarmingly fast rate. While the situation isn’t hopeless, it is urgent, and this problem doesn't come with neatly packaged solutions. There are people and programs working to reverse the course, but heightened awareness is desperately needed. Right now, things are bad, and they’re getting much worse. We can’t delay any longer; for many, it’s already too late.
As more folks deploy cloud-native architectures and technologies, store ever larger amounts of data, and build ever more complex software suites, the complexity required to correctly and securely authorize requests only becomes exponentially more difficult. Broken authorization now tops OWASP's Top 10 Security Risks. Their recommendation? Adopt ReBAC authorization models. This talk establishes the problems with the status quo, explains the concepts behind ReBAC, and introduces SpiceDB, a widely adopted open source ReBAC system inspired by the system internally powering Google: Zanzibar
A lot has been made about Broadcom's price increases for VMware, and there has also been a lot of attention paid to the technological aspects of migrating to OpenStack. Instead, let's take a look at the economics of the migration and how much it actually ends up costing organizations to migrate both in terms of licensing costs, as well as switching costs.
This talk is presented by OpenInfra Days Headline Sponsor - Rackspace Technologies
Scientific progress relies on incremental improvements, famously described by Newton’s "on the shoulders of giants." While this is true for scientific literature, code-driven analysis has not kept pace. As a scientist who transitioned from fieldwork to modeling land-atmosphere exchange, I've seen how research code often lacks long-term maintenance, limiting reuse. Research teams develop code over short timescales, publish, and move on. This talk proposes a paradigm shift in scientific coding practices, incorporating software engineering for sustainable, collaborative open-source code.